Insurance fraud prevention in the age of cyber crime

Oct. 12, 2017 | by BioCatch

As the insurance industry continues to digitize, companies are facing new threats from fraudsters looking to make a profit by stealing insurance benefits or entitlements. Today’s cyber criminals are using stolen/synthetic identities to obtain fraudulent policy applications, take over legitimate accounts to make false claims, or change payee information to receive insurance funds. Online insurance fraud of this kind results in an annual cost of approximately $40 billion, costing the average American family $400-$700 in increased premiums.

Traditional security measures, such as passwords and two-factor authentication are not effective forms of insurance fraud prevention. Fraudsters can get around those barriers if they choose. Today’s threats require continuous authentication delivered by behavioral biometrics to spot and stop fraud in real-time. Similar to how behavioral biometrics has helped the banking industry detect and prevent fraud, it can serve the same measures for insurance fraud prevention by monitoring account sessions, claims payments, and any actions requiring money transfers.

Types of Online Insurance Fraud

Digitization and faster payments are increasing the risk of online insurance fraud by reducing the amount of time available to detect anomalies. Fraud is now happening in the moment, through activities such as new account fraud, social engineering, remote access, and payment hijacking.

Stolen/Synthetic Identities for Fraudulent Policy Applications

Often, fraudsters use identities that rely on a combination of stolen personal information and false details, such as a real social security number with a fake name, address, dates of birth and contact information. Then the fraudster can proceed to apply for an insurance policy and attempt to commit fraud.

Account Takeover and False Insurance Claims

Using social engineering schemes, malware and remote access tools, fraudsters can take over insurer/policy holder accounts in digital channels with the aim of filing false insurance claims. These claims may include: automobile property, personal injury, workers' compensation, health/residential and commercial property claims. 

Payee Information Changes for Payment Hijacking

Another common method is taking over the payroll system linked to the insurance platform, changing payee information in order to receive insurance funds intended for the genuine policy holder.

How Behavioral Biometrics Helps Prevent Fraud

One type of insurance fraud behavioral biometrics helps to prevent is vishing, or voice phishing. This is when a fraudster calls pretending to be an insurance company or payroll provider and asks for personal account information or access to an individual’s computer. With this access to information, a fraudster can change the account insurance money is going to, stealing it from the rightful recipient.

Behavioral biometrics, however, knows how an individual customer acts based on user profiles and can detect when they are being manipulated by social engineering schemes like vishing. If a customer is being prompted to act by a fraudster, they enter information differently or make unusual hesitations. And, if they unwittingly give a fraudster permission to access their screen, the fraudster will behave differently than the customer, and behavioral biometrics will flag the suspicious activity for the insurance company. The real insurance company can then call and ask their customer if they are completing the actions on their account, stopping fraud in real time.

The 3 F's of Insurance Fraud Prevention

BioCatch focuses on providing three main tenets when it comes to insurance fraud prevention: less fraud, less friction, and more functionality. We call them the 3 F’s, and they provide companies with more security and the ability to offer an improved user experience.

Less Fraud

Behavioral biometrics technology is extremely accurate at distinguishing between fraudsters and legitimate users. Using continuous authentication, we develop user profiles of identifying information, such as user swipe patterns. If these swipe patterns begin to differ because a fraudster has taken over an account, behavioral biometrics recognizes the change and sends an alert that fraudulent activity is underway. With similar methods, behavioral biometrics can prevent account takeover and the use of stolen identities in real-time, resulting in less overall insurance fraud for companies and their customers.

Less Friction

Less friction is all about creating a better online experience for a company’s users. Passwords and two-factor authentication may make consumers feel secure, but they’re not actually as secure as they seem. Hackers know how to get around these traditional authentication methods, and these forms of authentication also require extra work for users.

Whenever a user is on a session, behavioral biometrics technology continuously monitors their actions to ensure normal activity is taking place. If activity deviates from the normal user profile, the system picks up on the change and flags it as fraud.

For example, if someone logs in to check the status of their insurance claim, but then forgets to logout of their account. Continuous authentication is still underway, so if a fraudster began using that account, behavioral biometrics would detect the change in behavior. This is different from one-time authentication, such as passwords. Continuous authentication will always be monitoring a session, authenticating the user no matter what is happening, what actions they’ve taken, or what part of the session they’re in.

More Functionality

Behavioral biometrics helps companies provide more efficient operations and greater customer confidence in their digital offerings. Often companies forgo adding a new solution or feature to their online platform because of the huge security challenges presented by implementation. Behavioral biometrics allows companies to securely add new features by providing continuous authentication across the entirety of a company’s online offerings. Companies don’t need multiple logins or other authentication measures to determine how to authenticate users. BioCatch works within a company’s existing tech stack, offering individualized solutions for insurance fraud prevention for each company.

Learn More About Insurance Fraud Prevention in Our Webinar

You can learn more about how behavioral biometrics is preventing insurance fraud in a webinar with our co-founder and Head of Cyber Strategy, Uri Rivner. In it, he provides in depth information and analysis on:

  • How behavioral biometrics supports digital transformation in insurance
  • The 3 F's
  • How behavioral biometrics satisfies risk-based authentication requirements
  • How behavioral biometrics works with other technologies to provide strong authentication and protect against today's cyber threats, like malware, social engineering and Remote Access Trojans.

Access the webinar here.

Topics: Insurance, Fraud Prevention, Featured